Changeset 273271 in webkit
- Timestamp: Feb 22, 2021 1:08:13 PM (3 years ago)
- Location: trunk/Source/WebKit
- Files: 2 edited
trunk/Source/WebKit/ChangeLog
r273270 r273271 1 2021-02-22 Per Arne Vollan <pvollan@apple.com> 2 3 [macOS] Crash under AuxiliaryProcess::initializeSandbox 4 https://bugs.webkit.org/show_bug.cgi?id=222233 5 <rdar://problem/74261611> 6 7 Reviewed by Brent Fulgham. 8 9 When a WebKit client provides a user directory suffix in the process initialization parameters, confstr with the new 10 user suffix applied will fail to create the full directory path if it does not exist, and return an empty result. 11 This will lead to empty paths in the sandbox parameters, which will cause the sandbox to fail to compile, which will 12 eventually crash the WebKit process. This patch addresses this by making sure the new user directory suffix does not 13 represent a path, since confstr is not able to handle user directory suffixes containing paths that do not exist. 14 Additionally, this patch reverts r271417, which was the first attempt at fixing this crash, but was unsuccessful in 15 doing so. 16 17 * Shared/mac/AuxiliaryProcessMac.mm: 18 (WebKit::initializeSandboxParameters): 19 (WebKit::AuxiliaryProcess::initializeSandbox): 20 1 21 2021-02-22 Per Arne <pvollan@apple.com> 2 22 -
trunk/Source/WebKit/Shared/mac/AuxiliaryProcessMac.mm
r272896 r273271 640 640 if (sandboxParameters.userDirectorySuffix().isNull()) { 641 641 auto userDirectorySuffix = parameters.extraInitializationData.find("user-directory-suffix"); 642 if (userDirectorySuffix != parameters.extraInitializationData.end()) 643 sandboxParameters.setUserDirectorySuffix([makeString(userDirectorySuffix->value, '/', String([[NSBundle mainBundle] bundleIdentifier])) fileSystemRepresentation]); 644 else { 642 if (userDirectorySuffix != parameters.extraInitializationData.end()) { 643 String suffix = userDirectorySuffix->value; 644 auto firstPathSeparator = suffix.find("/"); 645 if (firstPathSeparator != notFound) 646 suffix.truncate(firstPathSeparator); 647 sandboxParameters.setUserDirectorySuffix(suffix); 648 } else { 645 649 String clientIdentifier = codeSigningIdentifier(parameters.connectionIdentifier.xpcConnection.get()); 646 650 if (clientIdentifier.isNull()) … … 661 665 662 666 // Use private temporary and cache directories. 663 _set_user_dir_suffix(FileSystem::fileSystemRepresentation(sandboxParameters.userDirectorySuffix()).data());667 setenv("DIRHELPER_USER_DIR_SUFFIX", FileSystem::fileSystemRepresentation(sandboxParameters.userDirectorySuffix()).data(), 1); 664 668 char temporaryDirectory[PATH_MAX]; 665 669 if (!confstr(_CS_DARWIN_USER_TEMP_DIR, temporaryDirectory, sizeof(temporaryDirectory))) { … … 707 711 // This must be called before initializeSandboxParameters so that the path does not include the user directory suffix. 708 712 // We don't want the user directory suffix because we want all processes of the same type to use the same cache directory. 709 // First, make sure the user directory suffix is empty at this point. 
This is normally already the case, but some host710 // processes are setting the user directory suffix, which we will inherit, and our sandbox datavault will then end up711 // inside the host process' cache folder, which is undesirable.712 _set_user_dir_suffix(nullptr);713 713 String dataVaultParentDirectory { sandboxDataVaultParentDirectory() }; 714 714 #else
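Review bot: the truncation at new lines 643-647 of AuxiliaryProcessMac.mm accepts a client value that begins with "/", which `suffix.truncate(firstPathSeparator)` cuts down to an empty string before it reaches `setUserDirectorySuffix(suffix)`. Consider treating an empty result like a missing suffix and falling through to the `codeSigningIdentifier` branch. The truncation is also silent, so "a/b" and "a" now map to the same directory suffix; logging when the client-supplied value is changed would make that visible.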
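Review bot: the return value of `setenv("DIRHELPER_USER_DIR_SUFFIX", ..., 1)` at new line 667 is ignored, so a failure to set the variable goes unnoticed before the `confstr(_CS_DARWIN_USER_TEMP_DIR, ...)` call that follows it under the "Use private temporary and cache directories" comment. Check the result and handle a failure the same way as the `!confstr(...)` case. The ChangeLog entry also says nothing about replacing `_set_user_dir_suffix` with the environment variable; a sentence explaining that choice would help later readers.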
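Review bot: the hunk at line 707 removes `_set_user_dir_suffix(nullptr)` together with the comment explaining that some host processes set a suffix which is inherited, yet the remaining comment still says the path must not include the user directory suffix. With the suffix now set through `DIRHELPER_USER_DIR_SUFFIX` in the earlier hunk, nothing visible here clears an inherited value before `sandboxDataVaultParentDirectory()` runs. Either clear the variable at this point or add a comment stating why an inherited suffix can no longer place the datavault inside the host process' cache folder.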